Hot!Install Policy from FTM to FTG issue // "Input is not a valid CA certificate"

Author
amelguizo
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/11/28 17:06:08
  • Status: offline
2020/01/02 11:51:46 (permalink)
0

Install Policy from FTM to FTG issue // "Input is not a valid CA certificate"

Hi, 
I'm running 5.4 in FTG and 6.0 in FTM in KVM environment. ADOMS running ok, but I'm not able to intall the pocily for the first time. 
FortiGate-VM64-KVM # config vpn certificate ca

FortiGate-VM64-KVM (ca) # edit "ADOM_TEST"

FortiGate-VM64-KVM (ADOM_TEST) # set ca "-----BEGIN CERTIFICATE-----
> MIIDADCCAeigAwIBAgIgNkJBOURFQzUyMUVCQ0IxODkxQjgwRjlDMkNGOEQ3RjUw
> DQYJKoZIhvcNAQEFBQAwKzEWMBQGA1UEChMNRm9ydGluZXQgTHRkLjERMA8GA1UE

.....

....
> -----END CERTIFICATE-----"

Input is not a valid CA certificate.

 
Please some workaround?
Thx!
 
 
#1

6 Replies Related Threads

    jonathan007
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/01/22 14:29:58
    • Status: offline
    Re: Install Policy from FTM to FTG issue // "Input is not a valid CA certificate" 2020/01/26 10:46:00 (permalink)
    0
    I have the same issue, Can you solved this? thanks for your help
    #2
    djar
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/04/08 03:07:08
    • Status: offline
    Re: Install Policy from FTM to FTG issue // "Input is not a valid CA certificate" 2020/04/08 03:08:35 (permalink)
    0
    Same issue here with Fortimanger v6.2.3-build1235 in an untouched brand new virtual lab installation.
    #3
    emnoc
    Expert Member
    • Total Posts : 5622
    • Scores: 357
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Install Policy from FTM to FTG issue // "Input is not a valid CA certificate" 2020/04/08 07:02:19 (permalink)
    0
    Is the cert your installing a  "CA", if not it will fail. Try loading the certificate to a computer and check for a CA type.
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #4
    djar
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/04/08 03:07:08
    • Status: offline
    Re: Install Policy from FTM to FTG issue // "Input is not a valid CA certificate" 2020/04/09 01:53:14 (permalink)
    0
    emnoc
    Is the cert your installing a  "CA", if not it will fail. Try loading the certificate to a computer and check for a CA type.

    I decoded it and checked it with OpenSSL, it is a CA cert.
    Also, this certificate has not been installed by me. In fact, nothing has been installed so far. Set up Fortigate VM, setup the Fortimager, thats it. No changes from the default, sothis must be some kind of bug?
    #5
    emnoc
    Expert Member
    • Total Posts : 5622
    • Scores: 357
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Install Policy from FTM to FTG issue // "Input is not a valid CA certificate" 2020/04/09 07:17:24 (permalink)
    0
    Are you sure the cert be copied is not mangle or cutoff  in any shape ? If you access a fgt via cli and paste the cert in does it take ? I just had that issue in  FGT6.2.3 btw, hence why I ask.
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #6
    Dave Hall
    Expert Member
    • Total Posts : 1673
    • Scores: 174
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: online
    Re: Install Policy from FTM to FTG issue // "Input is not a valid CA certificate" 2020/04/09 10:15:36 (permalink)
    0
    Perhaps the text encoding is not correct (e.g. UTF-8 vs unicoded); I usually just copy/paste into (say) notepad then select that text (in notepad) copy/paste that back into whatever I was trying to do. 

    NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
    #7
    Jump to:
    © 2020 APG vNext Commercial Version 5.5